﻿<!-- #include file="Skin.asp" -->
<!-- #include file="Channel.asp" -->
<!--#include file="Upfile.asp"-->
<%
Tit="上传文件"
Is_Refur_True=false
If Cookies_Get(Cookies_For&"Admin") = "GongXiang_Admin" Then
	Login_UserName = Cookies_Get(Cookies_For&"AdminUsername")
End If
If Session_Get(Session_For&"AdminID") = "" Then
	Response.Write "登录失败"
	Response.End()
End If
Dim strSetting,strJs
Dim IsReName,IsAutoSort
Dim strFilePath,InceptType,InceptMaxSize,Today_num
Dim Upload,FormName,FilePath,ChildFilePath
Dim File,F_FileName,F_ViewName,F_Filesize,F_FileExt,F_Type
Dim Previewpath,DrawInfo,InceptMaxFile
Dim IsTrueUpfiles
Dim JsObjName,MObjName,TObjName
Dim Channel_ID
Dim Dim_UpConfig,Up_Type,Up_Filters,Is_Upload
Up_Type=UploadSetting(3)
Up_Filters=UploadSetting(4)
Channel_ID=Code_Query("ID")
UpFileType=Code_Query("Type")
JsObjName=Code_Query("Obj")
JObjName=Code_Query("JObj")
MObjName=Code_Query("MObj")
TObjName=Code_Query("TObj")
ErrMsg="":FoundErr=False
IsTrueUpfiles=0:IsReName=1:IsAutoSort=1  '默认
If Channel_ID > 0 Then
	Call GetChannel(Channel_ID)
End If

Call Upload_Head()

If Action="Up" Then
	Call Upfile_Main()
Else
	Call UpLoad_Main()
End If

If FoundErr=True Then
	Response.Write IsSuccess(ErrMsg,"Include/Upload.asp?ID=" & Channel_ID & "&Type=" & UpFileType & "&Obj=" & JsObjName & "&JObj=" & JObjName & "&MObj=" & MObjName & "&TObj=" & TObjName & "")
End If

Call Upload_End()

Sub Upload_Head()
	Response.Write "<!DOCTYPE html>" & vbCrLf
	Response.Write "<head>" & vbCrLf
	Response.Write "<title>" & SiteName & " - " & Tit & "</title>" & vbCrLf
	Response.Write "<meta http-equiv='Content-Type' content='text/html; charset=utf-8'>" & vbCrLf
	Response.Write "<link rel=""stylesheet"" type=""text/css"" href=""../" & AdminFolder & "/fonts/font-awesome/css/font-awesome.min.css"" />" & vbCrLf
	Response.Write "<link href='../" & AdminFolder & "/Plugins/layui/css/layui.css' rel='stylesheet' type='text/css' />" & vbCrLf
	Response.Write "<link href='../" & AdminFolder & "/Style/global.css' rel='stylesheet' type='text/css' />" & vbCrLf
	Response.Write "<link href='../" & AdminFolder & "/Style/font.css' rel='stylesheet' type='text/css' />" & vbCrLf
	Response.Write "<script type='text/javascript' src='../" & AdminFolder & "/Js/Admin.js'></script>" & vbCrLf
	Response.Write "<link rel='stylesheet' type='text/css' href='../Dialog/default.css'>" & vbCrLf
	Response.Write "<script type='text/javascript' src='../Dialog/main.js'></script>" & vbCrLf
	Response.Write "<link rel='stylesheet' type='text/css' href='../Dialog/style/default.css'>" & vbCrLf
	Response.Write "<script type='text/javascript' src='../Dialog/lhgcore.min.js'></script>" & vbCrLf
	Response.Write "<script type='text/javascript' src='../Dialog/lhgcalendar.min.js'></script>" & vbCrLf
	Response.Write "<script type=""text/javascript"" src=""../" & AdminFolder & "/Plugins/layui/layui.js""></script>" & vbCrLf
	Response.Write "<script type='text/javascript'>" & vbCrLf
	Response.Write "if (top.location==self.location) {top.location=""../"";}" & vbCrLf
	Response.Write "function upload_submit() {" & vbCrLf
	Response.Write "	if(document.frm_upload.myfile.value=="""") {" & vbCrLf
	Response.Write "		IsAlertFocus('请选择要上传的文件！','myfile');" & vbCrLf
	Response.Write "		return false;" & vbCrLf
	Response.Write "	}" & vbCrLf
	Response.Write "	FileType=document.frm_upload.FileName.value.substr(document.frm_upload.FileName.value.length-3)" & vbCrLf
	If IsNumeric(UpFileType) Then
		If Channel_ID=0 Then
			Response.Write "	if ("
			If Instr(Up_Type,"|") > 0 Then
				StrUpload=Split(Up_Type,"|")
				For i = 0 to Ubound(StrUpload)
					If i<>Ubound(StrUpload) Then
						Response.Write "FileType!=""" & StrUpload(i) & """ && "
					Else
						Response.Write "FileType!=""" & StrUpload(i) & """"
					End If
				Next
			Else
				Response.Write "FileType!=""" & StrUpload & """"
			End If
			Response.Write ") {" & vbCrLf
			Response.Write "		IsAlert(""文件类型不正确，只允许上传类型为 " & Replace(Up_Type, "|", ",", 1, -1, 1) & " 的文件！"");" & vbCrLf
		End If
		If Channel_ID>0 Then
			Response.Write "	if ("
			If Instr(ChannelUpFileType(UpFileType),"|") > 0 Then
				StrUpload=Split(ChannelUpFileType(UpFileType),"|")
				For i = 0 to Ubound(StrUpload)
					If i<>Ubound(StrUpload) Then
						Response.Write "FileType!=""" & StrUpload(i) & """ && "
					Else
						Response.Write "FileType!=""" & StrUpload(i) & """"
					End If
				Next
			Else
				Response.Write "FileType!=""" & StrUpload & """"
			End If
			Response.Write ") {" & vbCrLf
			Response.Write "		IsAlert(""文件类型不正确，只允许上传类型为 " & Replace(ChannelUpFileType(UpFileType), "|", ",", 1, -1, 1) & " 的文件！"");" & vbCrLf
		End If
	End If
	Response.Write "		document.frm_upload.myfile.select();" & vbCrLf
	Response.Write "		document.frm_upload.FileName.select();" & vbCrLf
	Response.Write "		document.frm_upload.myfile.value="""";" & vbCrLf
	Response.Write "		document.frm_upload.FileName.value="""";" & vbCrLf
	Response.Write "		return false;" & vbCrLf
	Response.Write "	}" & vbCrLf
	Response.Write "	document.frm_upload.myfile.select();" & vbCrLf
	Response.Write "	document.frm_upload.myfile.value="""";" & vbCrLf
	Response.Write "}" & vbCrLf
	Response.Write "function SaveFilesUrl(sChannelID,type,arr,objname,objname2) {" & vbCrLf
	Response.Write "	if(objname!='') {" & vbCrLf
	Response.Write "		var obj = parent.document.getElementById(objname);" & vbCrLf
	Response.Write "		var strT=arr.split('|');" & vbCrLf
	Response.Write "		if (sChannelID=='2'&type!='') {" & vbCrLf
	Response.Write "			var url='图片名称'+(obj.length+1)+'|'+strT[0];" & vbCrLf
	Response.Write "			obj.options[obj.length]=new Option(url,url);" & vbCrLf
	Response.Write "		}" & vbCrLf
	Response.Write "		else if (sChannelID=='3'&type!='') {" & vbCrLf
	Response.Write "			var url='下载地址'+(obj.length+1)+'|'+strT[0];" & vbCrLf
	Response.Write "			obj.options[obj.length]=new Option(url,url);" & vbCrLf
	Response.Write "		}" & vbCrLf
	Response.Write "		if (objname2!='') {" & vbCrLf
	Response.Write "			parent.document.getElementById(objname2).value=strT[1];" & vbCrLf
	Response.Write "		}" & vbCrLf
	Response.Write "	}" & vbCrLf
	Response.Write "}" & vbCrLf
	Response.Write "function AddUploadFiles(objname,files) {" & vbCrLf
	Response.Write "	if (files == """") {" & vbCrLf
	Response.Write "		return;" & vbCrLf
	Response.Write "	}" & vbCrLf
	Response.Write "	if(objname!='') {" & vbCrLf
	Response.Write "		var obj = parent.document.getElementById(objname);" & vbCrLf
	Response.Write "		obj.options[obj.length]=new Option(files,files);" & vbCrLf
	Response.Write "	}" & vbCrLf
	Response.Write "}" & vbCrLf
	Response.Write "</script>" & vbCrLf
	Response.Write "</head>" & vbCrLf
	Response.Write "<body>" & vbCrLf
End Sub

Sub Upload_End()
    Response.Write "</body>" & vbCrLf
    Response.Write "</html>"
End Sub

Sub UpLoad_Main()
	Dim PostRanNum
	Randomize
	PostRanNum = Int(900 * Rnd) + 100
	Session("UploadCode"&Channel_ID&UpFileType) = Cstr(PostRanNum)
    Response.Write "  <form name=""frm_upload"" action=""Upload.asp?Action=Up&ID=" & Channel_ID & "&Type=" & UpFileType & "&Obj=" & JsObjName & "&JObj=" & JObjName & "&MObj=" & MObjName & "&TObj=" & TObjName & """ method=""post"" enctype=""multipart/form-data"" onSubmit=""javascript:return upload_submit();"">" & vbCrLf
    Response.Write "    <input type=""hidden"" name=""UploadCode" & Channel_ID & "" & UpFileType & """ value=""" & PostRanNum & """>" & vbCrLf
    Response.Write "      <input type=""text"" class=""txt"" onchange=""FileName.value=this.value"" id=""myfile"" name=""myfile"" size=""26"" style=""width: 160px;height: 38px;padding: 6px 12px;background-color: #fff;border: 1px solid #c2cad8;border-radius: 4px;-webkit-box-sizing: border-box;-moz-box-sizing: border-box;box-sizing: border-box;"">&nbsp;<button type=""button"" class=""layui-btn uploader"" hidefocus=""true"">浏览<input type=""file"" name=""FileName"" id=""FileName"" onchange=""myfile.value=this.value""></button>&nbsp;<button type=""submit"" class=""layui-btn"" hidefocus=""true"">上传</button>" & vbCrLf
    Response.Write "  </form>" & vbCrLf
End Sub

Sub Upfile_Main()
	ComeUrl=Request.ServerVariables("HTTP_REFERER")
	if ComeUrl="" Then ComeUrl="javascript:history.go(-1)"
	'if Not Is_Login_True or Post_Chk Then
		'Response.Write IsSuccess("您未登录，或者从外部提交信息，操作已被禁止。","Include/Upload.asp?ID=" & Channel_ID & "&Type=" & UpFileType & "&Obj=" & JsObjName & "&JObj=" & JObjName & "&MObj=" & MObjName & "&TObj=" & TObjName & "")
		'Response.End()
	'end if
	strSetting=UploadSetting
	if strSetting(0)=999 Then
		Response.Write IsSuccess("系统未开放文件上传功能。","Include/Upload.asp?ID=" & Channel_ID & "&Type=" & UpFileType & "&Obj=" & JsObjName & "&JObj=" & JObjName & "&MObj=" & MObjName & "&TObj=" & TObjName & "")
		Response.End()
	end if
	if Channel_ID<0 or Channel_ID>999 Then
		Response.Write IsSuccess("本模型上传功能已禁用！","Include/Upload.asp?ID=" & Channel_ID & "&Type=" & UpFileType & "&Obj=" & JsObjName & "&JObj=" & JObjName & "&MObj=" & MObjName & "&TObj=" & TObjName & "")
		Response.End()
	end if
	if IsNumeric(UpFileType) Then
		'if Cint(UpFileType)<>0 Then UpFileType=0
		IsTrueUpfiles=ChannelUploadType
		InceptMaxSize=ChannelMaxFileSize   '上传大小
		if Channel_ID=0 Then
			strFilePath=UploadSetting(1)  '上传路径
			InceptType=Up_Type  '基本上传类型
			IsReName=1
			IsAutoSort=1
			InceptMaxSize=UploadSetting(21)   '上传大小
			if UploadSetting(0)=999 Then
				Response.Write IsSuccess("本模型上传功能已禁用！","Include/Upload.asp?ID=" & Channel_ID & "&Type=" & UpFileType & "&Obj=" & JsObjName & "&JObj=" & JObjName & "&MObj=" & MObjName & "&TObj=" & TObjName & "")
				Response.End()
			end if
		end if
		if Channel_ID>0 Then
			strFilePath=Trim(ChannelUploadDir)
			InceptType=ChannelUpFileType(UpFileType)  '上传类型
			IsReName=Get_ChannelSetup(ChannelSetup,15)
			IsAutoSort=Get_ChannelSetup(ChannelSetup,16)
			InceptMaxSize=ChannelMaxFileSize   '上传大小
			if IsTrueUpfiles=0 Then
				Response.Write IsSuccess("本模型上传功能已禁用！","Include/Upload.asp?ID=" & Channel_ID & "&Type=" & UpFileType & "&Obj=" & JsObjName & "&JObj=" & JObjName & "&MObj=" & MObjName & "&TObj=" & TObjName & "")
				Response.End()
			end if
		end if
	else
		IsTrueUpfiles=ChannelUploadType
		InceptType=ChannelUpFileType(0)&"|"&ChannelUpFileType(1)&"|"&ChannelUpFileType(3)  '上传类型
	end if
	strFilePath=InstallDir & UploadSetting(1) & "/" & strFilePath & "/"
	FilePath=strFilePath
	if IsAutoSort=1 Then
		FilePath = CreatePath(FilePath) '按年月分类目录
	end if
	If strSetting(9)=1 Then
		DrawInfo = strSetting(10)
	ElseIf strSetting(9)=2 Then
		DrawInfo = Replace(strSetting(15),"{$InstallDir}",InstallDir)
		'DrawInfo = strSetting(15)
	Else
		DrawInfo = ""
	End If
	If DrawInfo = "" or Get_ChannelSetup(ChannelSetup,11)=0 Then strSetting(9) = 0
	Server.ScriptTimeOut=999999				'要是上传的文件比较大，就必须设置。
	Set Upload = New UpFile_Cls
	Upload.UploadType			= strSetting(0)				'设置上传组件类型
	Upload.UploadPath			= FilePath					'设置上传路径
	Upload.InceptFileType		= Replace(InceptType,"|",",")'设置上传文件限制
	Upload.MaxSize				= InceptMaxSize		'单位 KB
	Upload.InceptMaxFile		= 10						'每次上传文件个数上限
	Upload.ChkSessionName		= "UploadCode"&Channel_ID&UpFileType'防止重复提交。
	Upload.IsReName				= IsReName				'是否重命名。
	Upload.PreviewType			= strSetting(5)	        '设置预览图片组件类型
	Upload.PreviewImageWidth	= strSetting(6)		    '设置预览图片宽度
	Upload.PreviewImageHeight	= strSetting(7)		    '设置预览图片高度
	Upload.DrawImageWidth		= strSetting(18)		'设置水印图片或文字区域宽度
	Upload.DrawImageHeight		= strSetting(19)		'设置水印图片或文字区域高度
	Upload.DrawGraph			= strSetting(16)		'设置水印透明度
	Upload.DrawFontColor		= "#"&strSetting(12)			'设置水印文字颜色
	Upload.DrawFontFamily		= strSetting(13)			'设置水印文字字体格式
	Upload.DrawFontSize			= strSetting(11)			'设置水印文字字体大小
	Upload.DrawFontBold			= strSetting(14)		'设置水印文字是否粗体
	Upload.DrawInfo				= DrawInfo				'设置水印文字信息或图片信息
	Upload.DrawType				= strSetting(9)			'0=不加载水印 ，1=加载水印文字，2=加载水印图片
	Upload.DrawXYType			= strSetting(20)		'"0" =左上，"1"=左下,"2"=居中,"3"=右上,"4"=右下
	Upload.DrawSizeType			= strSetting(8)		    '"0"=固定缩小，"1"=等比例缩小
	If strSetting(17)<>"" Then
		Upload.TransitionColor	= "#"&strSetting(17)		'透明度颜色设置
	End If
	If Upload.ErrCodes<>0 Then
		FoundErr=True
		ErrMsg="系统发现以下错误：\n\n"& Upload.Description
		Exit Sub
	Else
		Upload.SaveUpFile
		If Upload.ErrCodes<>0 Then
			FoundErr=True
			ErrMsg="系统发现以下错误：\n\n"& Upload.Description
			Exit Sub
		End If
	End IF
	If Upload.Count > 0 Then
		For Each FormName In Upload.UploadFiles
			Set File = Upload.UploadFiles(FormName)
			F_FileName = FilePath & File.FileName
			call tmp_upload(f_filename)
			'创建预览及水印图片
			If Upload.PreviewType<>999 and File.FileType=1 Then
				'创建预览图片:Call CreateView(原始文件的路径,预览文件名及路径,原文件后缀)
				Upload.CreateView F_FileName,F_Viewname,File.FileExt
			End If
			
			Dim strSaveUrl,strSaveUrl1,strFileSize,strFileName

			if Lcase(left(F_FileName,Len(InstallDir & UploadSetting(1))))=Lcase(InstallDir & UploadSetting(1)) Then
				strSaveUrl="{$download_dir}"  & mid(F_FileName,Len(InstallDir & UploadSetting(1))+1)
			elseif Lcase(left(F_FileName,Len(UploadSetting(1))))=Lcase(UploadSetting(1)) Then
				strSaveUrl="{$upload_dir}" & mid(F_FileName,Len(UploadSetting(1))+1)
			elseif left(F_FileName,1)="/" Then
				strSaveUrl="{$InstallDir}" & mid(F_FileName,2)
			else
				strSaveUrl=Trim(F_FileName)
			end if
			if Channel_ID=0 Then
				strSaveUrl1="{$download_dir}" &mid(F_FileName,Len(InstallDir & UploadSetting(1))+1)&""
			else
				strSaveUrl1=strSaveUrl
			end if
			strFileSize=CStr(Round(File.FileSize / 1024))
			strFileName=File.OldFileName
			If Channel_ID=1 then
				strFileSize=F_Viewname
			End If
			Response.Write "<script type='text/javascript'>SaveFilesUrl('"&Channel_ID&"','"&UpFileType&"','"&strSaveUrl1&"|"&strFileSize&"','"&JObjName&"','"&MObjName&"');"
			If TObjName<>"" Then Response.Write "AddUploadFiles('"&TObjName&"','"&strSaveUrl&"');"
			If JsObjName<>"" Then Response.Write "parent.document.myform."&JsObjName&".value='"&strSaveUrl&"';"
			Response.Write "if(parent.document.myform.uppic){" & vbCrlf
			Response.Write "	if(parent.document.myform.uppic.value==""""){" & vbCrlf
			Response.Write "		parent.document.myform.uppic.value='"&strSaveUrl&"';" & vbCrlf
			Response.Write "	}else{" & vbCrlf
			Response.Write "		parent.document.myform.uppic.value=parent.document.myform.uppic.value+'|"&strSaveUrl&"';" & vbCrlf
			Response.Write "	}" & vbCrlf
			Response.Write "}" & vbCrlf
			Response.Write "</script>"
			Set File = Nothing
		Next
	Else
		FoundErr=True
		ErrMsg="请正确选择要上传的文件。"
		Exit Sub
	End If
	Set Upload = Nothing
	Response.Write IsSuccess("上传文件成功！","Include/Upload.asp?ID=" & Channel_ID & "&Type=" & Code_Query("Type") & "&Obj=" & JsObjName & "&JObj=" & JObjName & "&MObj=" & MObjName & "&TObj=" & TObjName & "")
	'Response.Write "<font class=red>上传成功</font>：<a href="""&strSaveUrl&""" target=_blank>"&strFileName&"</a> <font class=tims>("&strFileSize&"KB)</font>[ <a href="&ComeUrl&">继续上传</a> ]"
End Sub

'按月份自动明名上传文件夹,需要ＦＳＯ组件支持。
Private Function CreatePath(PathValue)
	Dim objFSO,uploadpath,strTmpPath
	uploadpath = PathValue & ReplaceTime(Now(), strSetting(2))	'以年月创建上传文件夹
	a = Split(uploadpath, "/")
	For i = 0 To (Ubound(a) - 1)
		If Right(PathValue,1)<>"/" Then PathValue = PathValue & "/"
		strTmpPath = strTmpPath & a(i) & "/"
		On Error Resume Next
		Set objFSO = Server.CreateObject(Fso_Sys)
			If objFSO.FolderExists(Server.MapPath(PathValue))=False Then
				objFSO.CreateFolder Server.MapPath(PathValue)
			End If
			If objFSO.FolderExists(Server.MapPath(strTmpPath))=False Then
				objFSO.CreateFolder Server.MapPath(strTmpPath)
			End If
		Set objFSO = Nothing
	Next
	CreatePath = uploadpath
End Function

Function ReplaceTime(s_Time, s_Patt)
	If IsDate(s_Time) = False Then
		ReplaceTime = ""
		Exit Function
	End If
	Dim ret
	ret = s_Patt
	Dim y1, y2, m1, m2, d1, d2, h1, h2, i1, i2, s1, s2
	y2 = CStr(Year(s_Time))
	y1 = Right(y2, 2)
	m1 = CStr(Month(s_Time))
	m2 = Right("0" & m1, 2)
	d1 = CStr(Day(s_Time))
	d2 = Right("0" & d1, 2)
	h1 = CStr(Hour(s_Time))
	h2 = Right("0" & h1, 2)
	i1 = CStr(Minute(s_Time))
	i2 = Right("0" & i1, 2)
	s1 = CStr(Second(s_Time))
	s2 = Right("0" & s1, 2)
	ret = Replace(ret, "{yyyy}", y2, 1, -1, 1)
	ret = Replace(ret, "{yy}", y1, 1, -1, 1)
	ret = Replace(ret, "{mm}", m2, 1, -1, 1)
	ret = Replace(ret, "{m}", m1, 1, -1, 1)
	ret = Replace(ret, "{dd}", d2, 1, -1, 1)
	ret = Replace(ret, "{d}", d1, 1, -1, 1)
	ret = Replace(ret, "{hh}", h2, 1, -1, 1)
	ret = Replace(ret, "{h}", h1, 1, -1, 1)
	ret = Replace(ret, "{ii}", i2, 1, -1, 1)
	ret = Replace(ret, "{i}", i1, 1, -1, 1)
	ret = Replace(ret, "{ss}", s2, 1, -1, 1)
	ret = Replace(ret, "{s}", s1, 1, -1, 1)
	ReplaceTime = ret
End Function

'上传附件非法代码过滤
Sub tmp_upload(upname)
	On Error Resume Next
	Dim objFSO,objTS,strText,strArray,ii
	Set objFSO=Server.CreateObject(Fso_Sys)
	Set objTS=objFSO.OpenTextFile(Server.MapPath(upname),1) '以文本文件方式读取文件
	strText=LCase(objTS.ReadAll) '全文读取，并转换为小写
	objTS.Close
	strArray=split(Up_Filters,"|")
	for ii=0 to ubound(strArray)
		if instr(strText,strArray(ii))<>0 Then
			is_upload=false
			Response.Write IsSuccess("上传失败：非法文件内容！","Include/Upload.asp?ID=" & Channel_ID & "&Type=" & UpFileType & "&Obj=" & JsObjName & "&JObj=" & JObjName & "&MObj=" & MObjName & "&TObj=" & TObjName & "")
			objFSO.DeleteFile Server.MapPath(upname),True '删除文件
		end if
		if is_upload=true Then exit sub
	next
	Set objFSO=nothing
End Sub
%>